​5 million ‘compromised’ Google accounts leaked

A database of what appears to be some 5 million login and password pairs for Google accounts has been leaked to a Russian cyber security internet forum. It follows similar leaks of account data for popular Russian web services.

The text file containing
the alleged compromised accounts data was published late on Tuesday on the Bitcoin
Security board. It lists 4.93 million entries, although the forum
administration has since purged passwords from it, leaving only
the logins.

The accounts are mostly those of Google users and give access to
Gmail mail service, G+ social network and other products of the
US-based internet giant. The forum user tvskit, who published the
file, claimed that 60 percent of the passwords were valid, with
some users confirming that they found their data in the base,
reports CNews, a popular Russian IT news website.

Google Russia said it is investigating the alleged leak, adding
that it advises customers to use strong passwords and enable
two-step login verification to protect their accounts.

The leak comes just days after similar leaks affected Mail.ru and
Yandex, both popular Russian internet services. The previous
leaks contained 4.66 and 1.26 million accounts respectively.

Both companies said that an overwhelming majority of the accounts
listed were either obsolete, suspended for suspicious behavior or
non-existent. They insisted that their own databases were not
compromised and suggested that the leaked data was accumulated
over years through phishing and other forms of hacking attacks on
users.